Announcement

Collapse
No announcement yet.

SoBig Virus

Collapse
This topic is closed.
X
X
Collapse
First Prev Next Last
 
  • Filter
  • Time
  • Show
Clear All
new posts

    SoBig Virus

    Another lil critter to be careful of. It is a mass mailing virus.




    Brian Bundridge
    TrainSim.com Moderator

    #2
    RE: SoBig Virus

    I don't know if this will help but i'm trying it.

    Comment


      #3
      RE: SoBig Virus

      Heh, to the person that alerted about this thread being off topic, i kinda realized that When I made the post. Just like the Worm virus post was, this is letting people know as a heads up.


      Brian Bundridge
      TrainSim.com Moderator

      Comment


        #4
        RE: SoBig Virus

        Thanks for the heads up Mac, Its good to know what's out there, Some people enjoy being warned of potential hazards, Others.. well there loss x(
        -SK
        https://www.trainsim.com/vbts/signat...pic57635_1.gif

        Comment


          #5
          RE: SoBig Virus

          Its not JUST a mass mailer


          This article:


          contains what we knew was coming from the spammers:

          "The sole purpose of this virus is to generate a number of insecure computers
          that can be taken control of at will and used to distribute spam, porn, or host
          Web sites," Wood said.

          ================================================== ===========
          "As well as plundering Microsoft Outlook address books for new victims,
          Sobig F also attempts to implant a background program that turns
          infected machines into a relay for any messages sent by the virus's
          creator."

          "Mikko Hypponen, manager of anti-virus firm F-Secure, said Sobig F had
          been written by a spammer looking for ways to get past spam filters."

          BBC, News, BBC News, news online, world, uk, international, foreign, british, online, service


          ================================================== ===================

          For those who are not aware, The SoBig variants were all written for the
          purpose of creating spam zombies.

          Every variant is morphing the ports used by the spammer to relay off of the
          zombies. The SoBig.F variant of the last few days is probably in response to
          the MSBlaster cleanup, removing a good chunk of their previously infected
          machines.

          A good detailed analysis is here: (covers up to SoBig.e)

          sobig%2De.html make sure to visit the links to previous writeups.

          Derek

          Comment


            #6
            RE: SoBig Virus

            As I said before, Mods, important events like these should be posted in the most read section of the Forum to make sure that as many as possible get the message ! ;-)

            O t t o
            Web site: www.otto-wipfel.co.uk

            Comment


              #7
              RE: SoBig Virus

              OK this is it, just being a malicious SOB with too much time on one's hands is one thing(though still worthy of horsewhipping)but these spamming Aholes have used up the last bit of paitence anyone should afford them.
              Can we now resort to some of the medievil torture methods for any spammer caught originating this virus?

              Comment


                #8
                RE: SoBig Virus

                Something I cannot for the life of me understand is why people do not take precautions and stop these things dead in their tracks. Do they not care or possibly not read widely distributed instructions on how to prevent the spreading of E-Mail viruses?

                DO NOT OPEN AN ATTACHMENT!!!!

                That thing has hit my mail box 3 times in the last two days and I just click it off, delete and go on about my business.

                As said in a previous thread I do not under any circumstances keep addresses in my email address folder nor am I even able to open an attachment when received. Ain't nobody gonna accuse me of having a hand in helping spread the virus. Even if I could open an attachment I would not even open one from somebody I know. In many cases somebody you know and trust is unknowingly spreading the virus.

                An anti-virus program is necessary of course, but common sense is just as effective in combating a virus. The other alternative is to use a web based E-Mail program, but I like OE and refuse to give in to those that want to create havoc with a virus.

                Just my inflated nickles worth.

                Ken B.



                Comment


                  #9
                  RE: SoBig Virus

                  This today from the Reuters New Agency:
                  New virus spreads faster than ever
                  A new computer virus that spreads via email, Sobig.F, is the fastest-growing infection recorded, according to security group MessageLabs.

                  MessageLabs, a British-based Internet security firm, says SoBig has affected one in 17 emails sent around the world since Monday.

                  MessageLabs chief information analyst Paul Wood says it is feared the virus could increase global email traffic by as much as 60 per cent, slowing the Internet to a crawl.

                  "It's unprecedented in our history. We stopped over 1 million [infections] in the first day," he said.

                  "It's a pretty frightening statistic. And the next incarnation could be even worse."

                  In a statement, MessageLabs added: "This makes Sobig.F the fastest-growing virus ever, surpassing the infamous LoveBug, Klez and Kournikova viruses."

                  "All initial copies originated from the United States, where the virus is currently most prevalent."

                  Sophisticated

                  The Sobig.F virus, first detected on Monday, is the sixth and most sophisticated variant of a mass emailing virus that can spoof the sender's address, MessageLabs says.

                  The virus fools the user into believing the email is from a legitimate source and then opening the email.

                  The email often contains the header: "Subject: Re:details" and the text "Please see the attached file for details".

                  Attachment names include: your-document.pif, details.pif, your-details.pif, thank-you.pif, movie0045.pif, document-Fall.pif, application.pif, docment-9446.pif, MessageLabs said.

                  Once the file is opened, SoBigF scours the computer for email addresses, checking in Word documents, Internet logs and email inboxes.

                  It then sends scores of messages to the addresses it has collected.

                  Since the first variant of the SoBig virus was released in January, MessageLabs said it had intercepted 3 million copies.

                  Once the virus infects a machine it attempts to connect to a website to download a backdoor "Trojan", leaving the computer vulnerable to security breaches by hackers or other viruses, MessageLabs chief technology officer Mark Sunner said.

                  The virus is expected to be widespread for the next few weeks, Sunner says, but it is set to deactivate on September 10, halting further propogation.

                  "The Sobig virus writer's use of an inbuilt expiry date indicates that he is committed to inventing new and improved versions," Mr Sunner said.

                  "Each variant released so far has exceeded the previous one in growth and impact during the critical initial window of vulnerability."

                  -- AFP and Reuters


                  Comment


                    #10
                    RE: SoBig Virus

                    Well just one way to stop it from your computer is if you don't know the sender DELETE IT WITH OUT OPENING IT. Thats just for starters

                    Just Rollin Down The Tracks

                    Dale
                    Work Safe play hard

                    Comment


                      #11
                      RE: SoBig Virus

                      I've been receiving between 60-100 emails a day containing this virus. My Norton Anti-Virus has caught and deleted each one, but it is still a nuisance opening my inbox and having 30 more virus laden messages every couple of hours.

                      Comment


                        #12
                        RE: SoBig Virus

                        > Well just one way to stop it from your computer is if you
                        >don't know the sender DELETE IT WITH OUT OPENING IT. Thats
                        >just for starters

                        The problem with this virus, is it spoofs the senders name, so it may appear to be coming from someone you do know. The only reliable defense is a good Anti-Virus package.

                        Comment


                          #13
                          RE: SoBig Virus

                          Let us know how it works. I really like the price too, FREE!

                          Comment


                            #14
                            RE: SoBig Virus

                            One way you can stay safe is to use an internet mail system such as Juno, Hotmail, Yahoo, etc, even AOL has internet webmail. This way, your email stays on their server, their virus scan (with is constantly updated and maintained on a corporate level), and you're not bringing anything into your computer each time you read an email. I have yet to be hit with a virus in all my years on the internet.

                            Comment


                              #15
                              RE: SoBig Virus

                              That's one of the reasons I tell folk mailing me to be very specific in the subject line,if it's "check this out" or such I just dump it

                              Comment

                              Working...
                              X